10 Feb
2004
10 Feb
'04
5:02 a.m.
one thing i like to ask is is nonce field used as encrypted password...
Regards
Dhawan K
---------- Original Message -----------
From: Jiri Kuthan <jiri(a)iptel.org>
To: "kapil dhawan" <oswriter(a)hotmail.com>
Cc: serusers(a)lists.iptel.org
Sent: Tue, 10 Feb 2004 02:18:36 +0100
Subject: Re: [Serusers] Password
At 02:11 AM 2/10/2004, kapil dhawan wrote:
>thats absolutely fine i know md5 is used....i can also compare coming
password
in requested with my md5 converted password but i am stuck with how
and where to read pasword information coming in a request
The authentication module does it for you. It takes the MD5-hashed value
from request (example bellow) and compares it against expected value based
on credentials stored in subscriber table. The table may be located in
mysql,
dbtext or whereever.
-jiri
example:
Authorization: DIGEST username="17479383213",
realm="proxy01.foobar.com",
algorithm=MD5,
uri="sip:proxy01.foobar.com",
nonce="4028321e2577ba09167c3c5702bc2105d560dbaa",
response="6e71e5747df3198d24d00fb2a8733392"
>>From: Jiri Kuthan <jiri(a)iptel.org>
>>To: "kapil dhawan" <oswriter(a)hotmail.com>om>,
serusers(a)lists.iptel.org
>>Subject: Re: [Serusers] Password
>>Date: Mon, 09 Feb 2004 08:27:26 +0100
>>
>>At 05:04 AM 2/9/2004, kapil dhawan wrote:
>>>Hi
>>>How can i retrieve password coming in 'REGISTER' Request.
>>
>>There is fortunately no easy way to do it. SIP used MD5 digest
>>function which would be quite hard to reverse for you.
>>
>>>problem is i don't want to do mysql authentication as i have less
space...
>>
>>use dbtext module.
>>
>>-jiri
>
>_________________________________________________________________
>Contact brides & grooms FREE! http://www.shaadi.com/ptnr.php?ptnr=hmltag
Only on www.shaadi.com. Register now!
--
Jiri Kuthan http://iptel.org/~jiri/
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
------- End of Original Message
-------
.
Disclaimer
--------------------------------------------------------------------------
This email and any files transmitted with it are confidential
and intended solely for the use of the individual or entity
to whom they are addressed. If you have received this email
in error please notify the system manager. Recipients must
check this email and any attachments for the presence of
viruses before downloading them. Direct Internet /
Primus India accepts no liability for any damage caused by
any virus transmitted by this email.